var createError = require('http-errors');
var express = require('express');
var path = require('path');
var cookieParser = require('cookie-parser');
var logger = require('morgan');
var cors = require("cors")
var app = express();

var { expressjwt: jwt } = require("express-jwt");


// app.use(
//   jwt({
//     secret: "123456",   // secret: 当时生成token的密钥
//     algorithms: ["HS256"], // 当时生成token的加密算法，默认就是HS256 不需要改
//   }).unless({ 
//     path: ["/login/dologin",{ url:'/register' } ,/^\/upload/,/^\/public/ ] 
//   })
// );


// app.use(function(err, req, res) {

//   //错误对象中 的name为： UnauthorizedError ，那么就意味着是 token错误

//   if( err.name == 'UnauthorizedError' ){
//     res.send({
//       code:401,
//       msg:'token无效，或未登录'
//     })
//   }else{
//     res.send({
//       msg:'其它未知错误',
//       err,
//       code:err.status
//     })
//   } 
// });


app.use(cors())
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');

app.use(logger('dev'));
app.use(express.json());
app.use(express.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
app.use('/upload',express.static(path.join(__dirname, 'upload')));
app.use('/files',express.static(path.join(__dirname, 'files')));

var mainRouter = require('./routes/main');
app.use('/main', mainRouter);

// catch 404 and forward to error handler
app.use(function(req, res, next) {
  next(createError(404));
});

// error handler
app.use(function(err, req, res, next) {
  // set locals, only providing error in development
  res.locals.message = err.message;
  res.locals.error = req.app.get('env') === 'development' ? err : {};

  // render the error page
  res.status(err.status || 500);
  res.render('error');
});

module.exports = app;
